Business intelligence monitoring tools are typically utilized in connection with large data base access systems in relatively large corporations, as well as in other environments. Typically, such tools monitor and/or control access to databases to increase efficiency, implement security policies, and perform a variety of other functions. As various BI reports are run, information accessed and utilized by a relatively large number of users is often monitored and controlled.
Many business intelligence systems run on a web server, and permit plural users utilizing, for example, a thin client such as a web browser, to access the database. An exemplary such prior art arrangement is shown in FIG. 1. Plural clients 102-104 connect to the database system 106 through a server with a BI system, shown as 101.
Many organizations provide monitoring capability shown as 105, in order to monitor the reports and queries taking place between the data base system 106 and the clients through server 101.
One problem with such prior art arrangement is that it is customary for the server with BI tool 101 to utilize a single database login to process the various requests for reports, queries, and other transactions being communicated between the users 102-104 and the database system 106. More specifically, database 106 and server 101 interface as if server 101 were a single user of the database system invoking various transactions. The server 101 includes appropriate software to then separate out responses from database 106 and forward them to the appropriate one of users 102-104.
Consequently, queries and other transactions arriving at server 101 from users 102-104 are often stripped of user IDs and other relevant information, and subsequently are sent to database system 106. Accordingly, the communications between database 106 and server 101 includes little or no indication of the specific user 102-104 for which those communications are relevant, and may also be lacking other important information.
Because the internal information within the server 101 is often unavailable to the monitor 105, and is almost always unavailable in real time, an organization monitoring the communications between 106 and server 101 cannot produce an audit trail that is capable of identifying specific users and other specific information that the server 101 has stripped off.
In view of the foregoing, prior art systems are only capable of generating somewhat incomplete audit and monitoring data, and a need exists for a more accurate way for organizations to monitor and control database query and access. Additionally, since tools that restrict certain queries based upon database models may rely upon past experience with particular queries, it is important that any monitored information be available for use in updating rules and other systems that may provide security or other access restrictions.